[openstack-dev] [Heat]Updated summit etherpad: API-retry-with-idempotency

Mitsuru Kanabuchi kanabuchi.mitsuru at po.ntts.co.jp
Mon Nov 18 11:15:35 UTC 2013


On Fri, 15 Nov 2013 12:46:44 +0100
Zane Bitter <zbitter at redhat.com> wrote:

> Yes, but you don't know the UUID until you know it, and by then it's too 
> late (the resource has been created). So the idempotency token has to be 
> something passed in by the user.

I completely agree with you that token has to be something passed in by
the user.

> You could allow the user to supply the UUID (you would obviously check 
> it for uniqueness). There is however, many possible ways in which that 
> could go horribly wrong (e.g. if you sharded based on UUID, an attacker 
> might be able to exploit that to overload one of your machines; the 
> uniqueness check leaks information from other tenants, &c.)

Umm...
Thank you for important comments.

I understood your comment imply that idempotency token has to generate by
trusted services. (e.g. keystone?)

One of other hand, I'm thinking for easily way to implement idempotency token.
In my idea, idempotency token has to:

  - be String (Don't use UUID)
    # for avoiding UUID generate problem

  - isolate per tenant
    # for avoiding uniqueness check leaks

is appropriate. What do you think about that?

--------------------
  Mitsuru Kanabuchi
    NTT Software Corporation
    E-Mail : kanabuchi.mitsuru at po.ntts.co.jp




More information about the OpenStack-dev mailing list